CHMOD_777

Hello @jlbrown, I see that you were noticing a high number of entries in a system.log. I'd like to have you collect logs from the endpoint and submit them to us via a support ticket. Please see the links below for instructions on how to collect the logs as well how to submit a new ticket. Collect Logs https://support.malwarebytes.com/hc/en-us/articles/360038522294-Collect-Malwarebytes-Endpoint-Agent-diagnostic-logs Create New Ticket https://support.malwarebytes.com/hc/en-us/requests/new Warm Regards,

Hello @fyang, I see that you were having some difficulties with trying to disable the service. It is likely that you have the "Service and Process Protection" function enabled. Please see the screenshot below for more information regarding this. Additionally, if you have the tray icon enabled, you can always hold "CTRL" + "Right-Click" the tray icon and selection the option that says "Stop Malwarebytes Service." Warm Regards,

Hello @GMSMRM I currently have a support ticket with you regarding this issue but haven't heard back from you. I'll send you another follow-up on the case so that we can discuss further. Warm Regards,

Hello @AlexLeadingEdge, I see that you were having some difficulties with scans failing. It could either be the machine is not connecting to the cloud console, in which case you may want to restart the endpoint, or the "Malwarebytes Endpoint Agent" service. If the plugin is not installed, that would also cause it to fail. When you look at the list of services, do you see the "Malwarebytes Service?" It should be directly under the aforementioned "Malwarebytes Endpoint Agent" service. Regarding uninstalling and redeploying Malwarebytes, you can use the uninstall utility, MBST, linked below. MBST CLI Utility: https://support.malwarebytes.com/hc/en-us/articles/360038524734 Installing Malwarebytes: https://support.malwarebytes.com/hc/en-us/articles/360039025273-Add-endpoints-in-Malwarebytes-Nebula An excerpt from the installation link Windows MSI: msiexec /i "<fullpath1>\Setup.MBEndpointAgent.msi" /quiet /log "<fullpath2>\Setup.MBEndpointAgent.msi.log" NEBULA_PROXY_SERVER=http://<ip> NEBULA_PROXY_PORT=<port> NEBULA_PROXY_USER=<user@domain> NEBULA_PROXY_PWD=<password> GROUP=<gggggggg-gggg-gggg-gggg-gggggggggggg> @ECHO. %ERRORLEVEL% returned by MSIEXEC Windows command line switches /i - Runs installation. Example: msiexec /i "<fullpath1>\Setup.MBEndpointAgent.msi" /passive /x - Runs uninstall. Example: msiexec /x "<fullpath1>\Setup.MBEndpointAgent.msi" /quiet /quiet - Optional. Runs silent installation. /passive - Optional. Runs installation and shows GUI progress box. /log - Optional. Outputs to the specified file. This is equivalent to the switch “/L”. If a software deployment tool is being tested where /log cannot be used, a registry setting can force logging. For more information, see Additional MSI References below. Warm Regards,

Hello @SmoothOperator, Thank you for the recommendation. I have taken this and forwarded this information over to our Development and Engineering team for review. Warm Regards,

Hello @DeanAnderson Currently, the latest version of Anti-Exploit is 1.13.2.146. I'd like to make sure you have this version installed and see if you are able to still replicate this issue. Warm Regards,

Hello @ymitech I found another post of yours relating to a similar topic. As I've replied on the other, I will go ahead and merge these two posts into one, so we may continue off the original. Warm Regards,

Hello @ymitech We're sorry to hear that you are having some difficulties logging in to update card information. Would you mind taking a screenshot of the specific Malwarebytes Product you are using so that we may verify and determine the steps that will be necessary to help resolve this. As both @exile360 and @Porthos suggested, we will likely want to have you open up a support case at the following link in order to better assist you and keep personal your information off a public forum. Business Support: https://support.malwarebytes.com/community/contactsupport/pages/business-support Warm Regards,

Hello @straffin Unfortunately, there is not a method to run cloud based scans through the command line. The only command line utility for running scans would be the MBBR Utility which you mentioned you are familiar with above. Warm Regards,

Hello @rapw2013 Can you please take a screenshot of where you are searching including the options you are using to search for endpoints? Additionally, what version of the Malwarebytes Management Console are you using? Warm Regards,

Hello @rapw2013 Rather than trying to remove the endpoints from "Admin" tab, you'll want to be in the "Client" tab, select the endpoints you wish to remove, right click, and then select "Remove Client(s)". Please see the screenshot below detailing this. Warm Regards,

Hello @straffin If you are looking for command line scanning, you might be interested in Malwarebytes Breach Remediation which is a command line scanning utility. Please see the link below for information on how to use the tool. Please note that scans run from MBBR will only display the results locally, and that information will not be pushed to the cloud console. MBBR Admin Guide: Malwarebytes Breach Remediation Windows Administrator Guide Warm Regards,

Hello @straffin I see that you had some questions regarding having users initiate a scan. If you have the tray icon enabled, they can do so by right-clicking the Malwarebytes Tray icon and selecting Run scan. Please see the screenshot below. Warm Regards,

Hello @Kernel Glad you were able to get this resolved. When you get "Failed to restore from Quarantine" you'll want to verify that the endpoint is indeed online and communicating with the cloud console via the "Malwarebytes Endpoint Agent Service." Warm Regards,

Hello @JeffIT Glad to see that you have gotten this issue resolved. Our Team will be sending out a Root Cause Analysis to those affected regarding this issue. Warm Regards,